Thursday, June 16, 2011

Prepare for the "Advanced Persistent Threat" - Technology Review

An aptly timed cyberattack reality check

Unlike recent website takeovers by brazen "hacktivists" or massive thefts of credit card data, APTs are elaborate and sustained con jobs that are difficult to detect. The term was coined by government organizations accustomed to fighting online espionage, says Tom Cross, manager of the IBM X-Force Advanced Research security team, but these kinds of attacks are now becoming common enough to be discussed in corporate boardrooms. In a March survey of 563 IT security specialists by nCircle, a security technology company, 16 percent of the respondents listed APTs as their biggest security concern in 2011. That made it the second-most-worried-about security issue; 26 percent of respondents said their top priority was complying with security-related regulations.